Nothing is unhackable — but the Spatium wallet is as close as it gets

When hacking a crypto wallet gets thieves nothing.

There is a saying in the crypto world — if you don’t hold your private key, someone else does. This has certainly been the case cryptocurrency exchanges, where millions of user funds have been stolen in recent months. And even wallets where users control their own keys have been hacked, again with millions in crypto being stolen.

So how can users protect their private keys (and funds) from hackers? Spatium has a solution that stops hackers in their tracks. Our software wallet’s level of security is better than even today’s hardware wallets because of how it deals with private keys and data storage: namely, we do not form a private key and keep data distributed — resulting in no single point of attack and no access to user funds when a device is compromised.

In this article, we will walk you through how our Spatium Protocol allows us to achieve secure signed transactions without the formation of a private key.

The existing scenario

To perform a standard transaction using another wallet, you make use of a private key (a long, randomized alphanumeric string of data known only to you) and a public key that is out there for everyone to see. Secrecy is paramount, because if anyone else gets their hands on your private key, they have just as much power to access your funds as you do.

While this setup is great for verifying transactions without revealing your private key, that key can be — and has been — stolen. And mainstream adoption of cryptocurrencies cannot happen until investor funds are truly secure. Even keeping your private key completely offline in a paper wallet (literally written on a piece of paper) is less than optimal, since that piece of paper can be lost, destroyed in a fire, or stolen.

What exactly makes the Spatium Wallet practically “Unhackable”?

The Spatium wallet gives users the convenience of signing transactions that a private key would normally provide — but without forming a private key that can be copied and stolen. It does so by utilizing the Spatium Protocol.

1 — Keyless transaction signing via the Spatium Protocol

Traditionally, the signing process is performed on a device on which secret user data (private key) is also stored or derived, which creates a single point of attack. The Spatium Protocol replaces the conventional method of signing transactions with a distributed signing algorithm. Instead of being contained on a single device, a user’s wallet is stored on a combination of several physical devices (any devices running Android, iOS, Windows, or Unix operating systems, as well as a portable hardware device manufactured by us). These devices participate in the generation of public keys and the signing of transactions.

Each participating device has secret data, aka “a secret,” which does not correspond to a private key and cannot be used to compute a private key on its own.

While the secret participates in the signing of transactions and the generation of a public key, the

secret never leaves the device on which it is stored. Therefore, an attacker cannot deduce or discover any of the secrets unless hacking into the actual device where the secret is stored. And since secrets on multiple devices are used in signing a transaction, every single participating device needs to be compromised in order to access user funds. Imagine trying to hack 20 different devices at different locations all with different security at once.

Let’s dive into some details about how the Spatium Protocol works:

• You use one of your devices to initiate a transaction: input the recipient’s address, the amount, and other transaction details.
• The transaction is partially signed using the secret of the first device via certain mathematical computations. On its own, your first device does not have all the information required to complete a transaction. This device encrypts the partially signed transaction and sends it over to the next device.
• The second device also partially signs the transaction using its own secret, without decrypting the message.
• Note that our encryption ensures that the parties do not have access to each other’s secrets, thus, a single party never has enough information in order to alter the existing transaction or to create a new one.
• In this way, even if one of the devices is compromised, there is zero risk of an attacker stealing your funds (unless they simultaneously infect and compromise all of your devices — which is practically impossible).

After all the participating devices have signed the transaction based on the Spatium Protocol, the same result is achieved as when you use a private key — without actually generating a key on any device.

The public key is generated in the same way.

2 — Multiple Devices

Two devices is merely the minimum.

You can set up any number of devices to be part of your Spatium account and to be used for signing transactions. The Android app beta is already out for public use, and we will release the iOS and Windows versions soon as well. By increasing the number of participating devices, you decrease the likelihood of an attacker gaining access to all pieces of data (and thus, your funds).

By Q4 of 2018, Spatium is planning to offer a hardware wallet, which can be used as one of the participating devices in generating a transaction. It will have a number of additional functions, such as a biometric scanner, to increase not just security but also ease of use for cryptocurrency holders, with easy recovery of data being one such notable function.

3 — Physical Security Measures

As recent events around the world demonstrated, owners of cryptocurrency are in danger of being physically attacked by thieves who can force you to hand over access to even a secure hard wallet.

That’s why Spatium implemented mechanisms to protect user funds in any situation.

4 — Plausible Denial

If an attacker on the street forces you to give up access to your account, you can use Spatium’s “plausible denial” feature to grant the attacker access to only a small part of your funds while concealing the bulk of your holdings and sending a distress signal to your designated contact.

5 — Inheritance Mechanism

If something happens to the owner of the wallet, access can be transferred automatically to a trusted party pre-programmed by the owner (including which biometrics can be used and how much time of owner inactivity needs to pass).

Practically Unhackable? You tell us.

With this complex yet elegant system tested by over a 100 internal testers, we believe that Spatium has already achieved a hardware wallet level of security with our software wallet. By the end of this year, we will roll out our hardware devices, with the additional security and functionality that we described above.

Sure, nothing is unhackable — but the Spatium wallet comes so close and makes accessing user data so difficult that users can finally feel secure about their crypto holdings.

The software wallet is in private beta. Sign up to get early access — https://goo.gl/forms/UyZJ2VP9NywsEqe82

For further details about our wallet, team, roadmap, and white paper, please visit our website at spatium.capital

Join the conversation on our official Telegram channel — https://t.me/spatiumwallet